Cybersecurity News


Continued Use of Python 2 Will Heighten Security Risks

With support for the programming language no longer available, organizations should port to Python 3, security researches say.
28 April 2020

Google discloses zero-click bugs impacting several Apple operating systems

Apple needs to follow in Google and Mozilla's footsteps and secure its multimedia processing libraries.
28 April 2020

Enterprise Security Woes Explode with Home Networks in the Mix

Enterprise Security Woes Explode with Home Networks in the Mix Thanks to WFH, IoT refrigerators, Samsung TVs and more can now be back-channel proxies into the corporate network.
28 April 2020

Rapid7 Announces Plan to Buy DivvyCloud

The purchase will boost Rapid7's multicloud capabilities.
28 April 2020

Would You Have Fallen for This Phone Scam?

You may have heard that today's phone fraudsters like to use use caller ID spoofing services to make their scam calls seem more believable. But you probably didn't know that your bank may be making it super easy for thieves to impersonate the bank, by giving away information about recent transactions on your account via automated, phone-based customer support systems.
28 April 2020

‘Black Rose Lucy’ is Back, Now Pushing Ransomware

‘Black Rose Lucy’ is Back, Now Pushing Ransomware Researchers say incidents of mobile malware are becoming more common and growing more sophisticated.
28 April 2020

5-Year-Long Cyber Espionage Campaign Hid in Google Play

OceanLotus targeted Android devices in the so-called PhantomLance campaign.
28 April 2020

Critical Adobe Illustrator, Bridge and Magento Flaws Patched

Critical Adobe Illustrator, Bridge and Magento Flaws Patched Adobe fixed critical flaws in Illustrator, Magento and Bridge in an out-of-band security update.
28 April 2020

5 Big Lessons from the Work-from-Home SOC

Accustomed to working in the same room, security teams now must find ways to operate effectively in the new remote reality.
28 April 2020

Additional Remote Assessment Considerations During COVID-19


PCI SSC recognizes that in the current exceptional circumstances relating to COVID-19, entities are asking how they can support payment security and assessment activities while also dealing with new and unfamiliar issues related to the global pandemic.

28 April 2020

Increased Credential Threats in the Age of Uncertainty

Three things your company should do to protect credentials during the coronavirus pandemic.
28 April 2020

Hackers threaten to leak data from high-end architecture firm Zaha Hadid

Hackers have stolen data from the company's network, encrypted everything with ransomware, and are now threatening to release files on the dark web if the company doesn't pay a ransom demand.
28 April 2020

Hackers Leak Biopharmaceutical Firm’s Data Stolen in Ransomware Attack

Hackers Leak Biopharmaceutical Firm’s Data Stolen in Ransomware Attack The Clop ransomware group has reportedly leaked compromised data of biopharmaceutical company ExecuPharm after a recent cyberattack.
28 April 2020

WordPress Plugin Bug Opens 100K Websites to Compromise

WordPress Plugin Bug Opens 100K Websites to Compromise Legions of website visitors could be infected with drive-by malware, among other issues, thanks to a CSRF bug in Real-Time Search and Replace.
28 April 2020

Security Pros Reassigned to IT Tasks in Coronavirus Pandemic

Most security practitioners surveyed say their job functions have changed during the pandemic, and 90% are now working remotely full time.
28 April 2020

Sophisticated Android Spyware Attack Spreads via Google Play

Sophisticated Android Spyware Attack Spreads via Google Play The PhantomLance espionage campaign is targeting specific victims, mainly in Southeast Asia -- and could be the work of the OceanLotus APT.
28 April 2020

PhantomLance spying campaign breaches Google Play security

The four-year-long attack wave has been connected to dozens of malicious apps found in app stores.
28 April 2020

What's Your Cybersecurity Architecture Integration Business Plan?

To get the most out of your enterprise cybersecurity products, they need to work together. But getting those products talking to each other isn't easy.
28 April 2020

New Startup Accurics Tackles Cloud Infrastructure Security

Accurics offers a free product to prevent "drift" between infrastructure defined through code and infrastructure running in the cloud.
28 April 2020

Troves of Zoom Credentials Shared on Hacker Forums

Troves of Zoom Credentials Shared on Hacker Forums Several new databases have been uncovered on underground forums sharing recycled Zoom credentials.
28 April 2020